CVE-2021-43638

Amazon Amazon WorkSpaces agent is affected by Integer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.
Configurations

Configuration 1 (hide)

cpe:2.3:a:amazon:workspaces:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:29

Type Values Removed Values Added
References () https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/ - Exploit, Technical Description, Third Party Advisory () https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/ - Exploit, Technical Description, Third Party Advisory

09 Dec 2021, 14:13

Type Values Removed Values Added
References (MISC) https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/ - (MISC) https://www.sentinelone.com/labs/usb-over-ethernet-multiple-privilege-escalation-vulnerabilities-in-aws-and-other-major-cloud-services/ - Exploit, Technical Description, Third Party Advisory
CVSS v2 : unknown
v3 : unknown
v2 : 7.2
v3 : 8.8
CWE CWE-190
CPE cpe:2.3:a:amazon:workspaces:*:*:*:*:*:*:*:*

07 Dec 2021, 20:31

Type Values Removed Values Added
New CVE

Information

Published : 2021-12-07 20:15

Updated : 2024-11-21 06:29


NVD link : CVE-2021-43638

Mitre link : CVE-2021-43638

CVE.ORG link : CVE-2021-43638


JSON object : View

Products Affected

amazon

  • workspaces
CWE
CWE-190

Integer Overflow or Wraparound